Fix ConfirmCredential is not presented before trusting cert installed by PO/DO

- Show ConfirmCredential in TrustedCredentialsSettings when Trust button is clicked for the very first time since the activity launched - Warning activity (work mode off, crpyto-aware) should not be shown when the activity is started. Also fixed it here. Bug: 28619980 Change-Id: I084b70883c087376e437a9ad3238d7c3313a0a17
2016-05-09 16:13:10 +01:00
parent 04b25af149
commit 01f4dbcc1c
3 changed files with 81 additions and 15 deletions
--- a/src/com/android/settings/MonitoringCertInfoActivity.java
+++ b/src/com/android/settings/MonitoringCertInfoActivity.java
@@ -29,15 +29,20 @@ import android.provider.Settings;
 /**
 * Activity that shows a dialog explaining that a CA cert is allowing someone to monitor network
- * traffic. This activity should be launched for the user into which the CA cert is installed.
+ * traffic. This activity should be launched for the user into which the CA cert is installed
 * unless Intent.EXTRA_USER_ID is provided.
 */
 public class MonitoringCertInfoActivity extends Activity implements OnClickListener,
        OnDismissListener {
    private int mUserId;
    @Override
    protected void onCreate(Bundle savedStates) {
        super.onCreate(savedStates);
        mUserId = getIntent().getIntExtra(Intent.EXTRA_USER_ID, UserHandle.myUserId());
        DevicePolicyManager dpm = getSystemService(DevicePolicyManager.class);
        final int numberOfCertificates = getIntent().getIntExtra(
                Settings.EXTRA_NUMBER_OF_CERTIFICATES, 1);
@@ -53,7 +58,7 @@ public class MonitoringCertInfoActivity extends Activity implements OnClickListe
        builder.setNeutralButton(R.string.cancel, null);
        builder.setOnDismissListener(this);
-        if (dpm.getProfileOwner() != null) {
+        if (dpm.getProfileOwnerAsUser(mUserId) != null) {
            builder.setMessage(getResources().getQuantityString(R.plurals.ssl_ca_cert_info_message,
                    numberOfCertificates, dpm.getProfileOwnerName()));
        } else if (dpm.getDeviceOwnerComponentOnCallingUser() != null) {
@@ -72,7 +77,7 @@ public class MonitoringCertInfoActivity extends Activity implements OnClickListe
    public void onClick(DialogInterface dialog, int which) {
        Intent intent = new Intent(android.provider.Settings.ACTION_TRUSTED_CREDENTIALS_USER);
        intent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK | Intent.FLAG_ACTIVITY_CLEAR_TOP);
-        intent.putExtra(TrustedCredentialsSettings.ARG_SHOW_NEW_FOR_USER, UserHandle.myUserId());
+        intent.putExtra(TrustedCredentialsSettings.ARG_SHOW_NEW_FOR_USER, mUserId);
        startActivity(intent);
        finish();
    }
--- a/src/com/android/settings/TrustedCredentialsDialogBuilder.java
+++ b/src/com/android/settings/TrustedCredentialsDialogBuilder.java
@@ -43,6 +43,7 @@ class TrustedCredentialsDialogBuilder extends AlertDialog.Builder {
    public interface DelegateInterface {
        List<X509Certificate> getX509CertsFromCertHolder(CertHolder certHolder);
        void removeOrInstallCert(CertHolder certHolder);
        boolean startConfirmCredentialIfNotConfirmed(int userId);
    }
    private final DialogEventHandler mDialogEventHandler;
@@ -144,8 +145,10 @@ class TrustedCredentialsDialogBuilder extends AlertDialog.Builder {
        private void onClickTrust() {
            CertHolder certHolder = getCurrentCertInfo();
-            mDpm.approveCaCert(certHolder.getAlias(), certHolder.getUserId(), true);
+            if (!mDelegate.startConfirmCredentialIfNotConfirmed(certHolder.getUserId())) {
-            nextOrDismiss();
+                mDpm.approveCaCert(certHolder.getAlias(), certHolder.getUserId(), true);
                nextOrDismiss();
            }
        }
        private void onClickRemove() {
--- a/src/com/android/settings/TrustedCredentialsSettings.java
+++ b/src/com/android/settings/TrustedCredentialsSettings.java
@@ -17,6 +17,7 @@
 package com.android.settings;
 import android.annotation.UiThread;
 import android.app.Activity;
 import android.app.KeyguardManager;
 import android.app.admin.DevicePolicyManager;
 import android.content.BroadcastReceiver;
@@ -79,8 +80,10 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment
    private KeyguardManager mKeyguardManager;
    private int mTrustAllCaUserId;
-
+    private static final String SAVED_CONFIRMED_CREDENTIAL_USERS = "ConfirmedCredentialUsers";
    private static final String SAVED_CONFIRMING_CREDENTIAL_USER = "ConfirmingCredentialUser";
    private static final String USER_ACTION = "com.android.settings.TRUSTED_CREDENTIALS_USER";
    private static final int REQUEST_CONFIRM_CREDENTIALS = 1;
    @Override
    protected int getMetricsCategory() {
@@ -154,6 +157,8 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment
    private TabHost mTabHost;
    private ArrayList<GroupAdapter> mGroupAdapters = new ArrayList<>(2);
    private AliasOperation mAliasOperation;
    private ArraySet<Integer> mConfirmedCredentialUsers;
    private int mConfirmingCredentialUser;
    private Set<AdapterData.AliasLoader> mAliasLoaders = new ArraySet<AdapterData.AliasLoader>(2);
    private final SparseArray<KeyChainConnection>
            mKeyChainConnectionByProfileId = new SparseArray<KeyChainConnection>();
@@ -182,6 +187,17 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment
                .getSystemService(Context.KEYGUARD_SERVICE);
        mTrustAllCaUserId = getActivity().getIntent().getIntExtra(ARG_SHOW_NEW_FOR_USER,
                UserHandle.USER_NULL);
        mConfirmedCredentialUsers = new ArraySet<>(2);
        mConfirmingCredentialUser = UserHandle.USER_NULL;
        if (savedInstanceState != null) {
            mConfirmingCredentialUser = savedInstanceState.getInt(SAVED_CONFIRMING_CREDENTIAL_USER,
                    UserHandle.USER_NULL);
            ArrayList<Integer> users = savedInstanceState.getIntegerArrayList(
                    SAVED_CONFIRMED_CREDENTIAL_USERS);
            if (users != null) {
                mConfirmedCredentialUsers.addAll(users);
            }
        }
        IntentFilter filter = new IntentFilter();
        filter.addAction(Intent.ACTION_MANAGED_PROFILE_AVAILABLE);
@@ -190,6 +206,14 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment
        getActivity().registerReceiver(mWorkProfileChangedReceiver, filter);
    }
    @Override
    public void onSaveInstanceState(Bundle outState) {
        super.onSaveInstanceState(outState);
        outState.putIntegerArrayList(SAVED_CONFIRMED_CREDENTIAL_USERS, new ArrayList<>(
                mConfirmedCredentialUsers));
        outState.putInt(SAVED_CONFIRMING_CREDENTIAL_USER, mConfirmingCredentialUser);
    }
    @Override public View onCreateView(
            LayoutInflater inflater, ViewGroup parent, Bundle savedInstanceState) {
        mTabHost = (TabHost) inflater.inflate(R.layout.trusted_credentials, parent, false);
@@ -219,6 +243,16 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment
        super.onDestroy();
    }
    @Override
    public void onActivityResult(int requestCode, int resultCode, Intent data) {
        if (requestCode == REQUEST_CONFIRM_CREDENTIALS) {
            if (resultCode == Activity.RESULT_OK) {
                mConfirmedCredentialUsers.add(mConfirmingCredentialUser);
            }
            mConfirmingCredentialUser = UserHandle.USER_NULL;
        }
    }
    private void closeKeyChainConnections() {
        final int n = mKeyChainConnectionByProfileId.size();
        for (int i = 0; i < n; ++i) {
@@ -262,14 +296,18 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment
    }
    /**
-     * Start work challenge activity. TODO: Move and refactor this method as a util function.
+     * Start work challenge activity.
     * @return true if screenlock exists
     */
-    private void startWorkChallenge(int userId) {
+    private boolean startConfirmCredential(int userId) {
        final Intent newIntent = mKeyguardManager.createConfirmDeviceCredentialIntent(null, null,
                userId);
-        newIntent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK
+        if (newIntent == null) {
-                | Intent.FLAG_ACTIVITY_EXCLUDE_FROM_RECENTS | Intent.FLAG_ACTIVITY_CLEAR_TASK);
+            return false;
-        getActivity().startActivity(newIntent);
+        }
        mConfirmingCredentialUser = userId;
        startActivityForResult(newIntent, REQUEST_CONFIRM_CREDENTIALS);
        return true;
    }
    /**
@@ -303,7 +341,8 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment
        }
        @Override
        public CertHolder getChild(int groupPosition, int childPosition) {
-            return mData.mCertHoldersByUserId.get(getUserIdByGroup(groupPosition)).get(childPosition);
+            return mData.mCertHoldersByUserId.get(getUserIdByGroup(groupPosition)).get(
                    childPosition);
        }
        @Override
        public long getGroupId(int groupPosition) {
@@ -386,18 +425,27 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment
        }
        public boolean checkGroupExpandableAndStartWarningActivity(int groupPosition) {
            return checkGroupExpandableAndStartWarningActivity(groupPosition, true);
        }
        public boolean checkGroupExpandableAndStartWarningActivity(int groupPosition,
                boolean startActivity) {
            final UserHandle groupUser = getGroup(groupPosition);
            final int groupUserId = groupUser.getIdentifier();
            if (mUserManager.isQuietModeEnabled(groupUser)) {
                final Intent intent = UnlaunchableAppActivity.createInQuietModeDialogIntent(
                        groupUserId);
-                getActivity().startActivity(intent);
+                if (startActivity) {
                    getActivity().startActivity(intent);
                }
                return false;
            } else if (!mUserManager.isUserUnlocked(groupUser)) {
                final LockPatternUtils lockPatternUtils = new LockPatternUtils(
                        getActivity());
                if (lockPatternUtils.isSeparateProfileChallengeEnabled(groupUserId)) {
-                    startWorkChallenge(groupUserId);
+                    if (startActivity) {
                        startConfirmCredential(groupUserId);
                    }
                    return false;
                }
            }
@@ -548,7 +596,8 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment
        }
        public void prepare() {
-            mIsListExpanded = checkGroupExpandableAndStartWarningActivity();
+            mIsListExpanded = mParent.checkGroupExpandableAndStartWarningActivity(mGroupPosition,
                    false /* startActivity */);
            refreshViews();
        }
@@ -890,6 +939,15 @@ public class TrustedCredentialsSettings extends OptionsMenuFragment
        new AliasOperation(certHolder).execute();
    }
    @Override
    public boolean startConfirmCredentialIfNotConfirmed(int userId) {
        if (mConfirmedCredentialUsers.contains(userId)) {
            // Credential has been confirmed. Don't start activity.
            return false;
        }
        return startConfirmCredential(userId);
    }
    private class AliasOperation extends AsyncTask<Void, Void, Boolean> {
        private final CertHolder mCertHolder;